Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Thousands of Comcast customers have data stolen from third party debt collectors

Ransomware avast.

Hundreds of thousands of Comcast users had their data stolen in a third-party ransomware attack and data breach on a third-party partner, the company has confirmed.

Financial Business and Consumer Solutions (FBCS) fell prey to an attack from an unknown threat actor in February 2024 which saw sensitive data stolen and systems encrypted, with the hackers then demanding payment in exchange for releasing the decryption key.

When FBCS initially suffered the ransomware attack, the crooks made away with sensitive data on more than four million people, and at first, the firm believed Comcast’s customer data was secure, but after a more thorough investigation, FBCS has concluded it was affected, too.

Comcast and Truist Bank

In total, 237,703 Comcast customers had their sensitive data taken, including names, addresses, Social Security numbers, dates of birth, and the Comcast account numbers and ID numbers used internally at FBCS.

One intriguing point appears to be that the affected users were apparently Comcast customers around 2021, which is somewhat odd, since FBCS wasn’t a Comcast client at that time, and wouldn't be for another year.

FBCS is a debt collection firm, which Comcast allegedly used until 2020, also offering account management, financial advisory, credit solutions, and payment processing services.

After learning of the incident, Comcast started notifying its customers, and sent out a data breach notification letter, stating it will cover the expenses of identity theft protection services, since the FBCS allegedly cannot afford it. It also said that the firm notified the FBI of the intrusion.

Despite this being a major ransomware attack against a large enterprise, with millions of victims, no threat actor has yet claimed responsibility.

To make matters worse, Comcast was not the only company affected by the FBCS attack. BleepingComputer reports that Truist Bank was also a victim, but this firm did not say how many of its customers lost their data.

Via The Register

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.